LAMP stands for Linux, Apache, MySQL, and PHP, which represents a very common configuration for Linux-based web servers. If you’re interested in testing websites, particularly those that involve a server-side scripting language like PHP, you can install a local LAMP server on your own computer. This tutorial will show you some tricks for setting up a local LAMP server.

Most of this tutorial will apply to any Linux distribution, however the first trick only applies to Debian-based distributions using Synaptic (including Ubuntu).

Trick 1: Installing LAMP with one click

Open Synaptic and choose Edit > Mark packages by task… Then check the box next to LAMP Server, click OK, and click Apply. That’s it!

Sets of packages can be marked together

Trick 2: Easy access to /var/www/

By defualt, the directory that stores all the files for your new server (/var/www/) can only be written to by root. This gets to be a real pain, since you have to use sudo any time you want to put something in /var/www/. You can fix this using the following command:

sudochmod o+w/var/www/

This allows anyone to write to /var/www/. I am sure many people will argue that this is a bad policy; however, I generally feel that there is minimal risk in opening up one non-essential directory to write access by anyone on a personal computer.

Trick 3: Testing on a different computer

What if your new website involves interactions between different users or you need to see how it looks on a different operating system? You don’t need to buy hosting space just to do these tests. If you have another computer on the same network, you can actually access the website from that computer.

On your server computer, type this command:

ifconfig

Find the IP address after inet addr and enter this in the address bar on a different computer that is on the same network. You should see the Apache “It works!” page or whatever else you have in the root of your /var/ww/ directory.

I hope this helps you create some cool websites without paying for hosting until you really need it.

Everything in this tutorial should apply to most Linux distributions, however some of the commands may be specific to Ubuntu. You may need to modify some commands to work with your Linux distribution. This is an advanced tutorial, so most instructions will be given as text commands.

A Note About Security

Allowing outside machines to access your computer is inherently risky. Assuming your router and/or firewall is properly configured, you will need to poke some holes in it. This potentially leaves you vulnerable to attack. Proceed at your own risk. Because security is a constantly changing issue, you are responsible for securing your own computer and network. You have been warned. If you are not behind a router or other physical firewall and you can’t explain why this is the case, do not proceed.

Introduction

You’ll be glad to know that this step is the easiest of them all. If you’ve made it this far, you have already done the hard part.

Downloading PuTTY

There are probably thousands of different SSH clients for Windows, but the most popular of these is a program called PuTTY. It’s a free download and requires no installation, which means you should be able to run it off a flash drive. (Naturally, it’s also open-source and released under the MIT license.) Go ahead and download PuTTY. (Look for putty.exe)

Trying it out

Just fill in two fields.

Just double-click on putty.exe and fill out the Host Name and Port fields. Your host name should be:

Everything in this tutorial should apply to most Linux distributions, however some of the commands may be specific to Ubuntu. You may need to modify some commands to work with your Linux distribution. This is an advanced tutorial, so most instructions will be given as text commands.

A Note About Security

Allowing outside machines to access your computer is inherently risky. Assuming your router and/or firewall is properly configured, you will need to poke some holes in it. This potentially leaves you vulnerable to attack. Proceed at your own risk. Because security is a constantly changing issue, you are responsible for securing your own computer and network. You have been warned. If you are not behind a router or other physical firewall and you can’t explain why this is the case, do not proceed.

Introduction

You’ll be glad to know that the graphical piece is actually a lot easier than the first two parts. It’s really just a few configuration changes and that’s it.

On the server end

Open your /etc/ssh/sshd_config file.

gksudo gedit /etc/ssh/sshd_config

Then make sure that X11Forwarding is set to on and both of the lines below are uncommented (meaning that they do not have a # in front on them:

X11Forwarding yes
X11DisplayOffset 10

That’s it on the server end!

On whatever computer your using….

You may also need to change some settings on the computer from which you are connecting. Open your /etc/ssh/ssh_config file. Notice the subtle difference between sshd_config and ssh_config.

Everything in this tutorial should apply to most Linux distributions, however some of the commands may be specific to Ubuntu. You may need to modify some commands to work with your Linux distribution. This is an advanced tutorial, so most instructions will be given as text commands.

A Note About Security

Allowing outside machines to access your computer is inherently risky. Assuming your router and/or firewall is properly configured, you will need to poke some holes in it. This potentially leaves you vulnerable to attack. Proceed at your own risk. Because security is a constantly changing issue, you are responsible for securing your own computer and network. You have been warned. If you are not behind a router or other physical firewall and you can’t explain why this is the case, do not proceed. I would also advise you to only try this on your home network, because your employer will probably dislike you messing with SSH, unless, of course, that’s your job.

Security First

There are some security tweaks you can make to your /etc/ssh/sshd_config file. There are, of course, tons and tons of tweaks you can make. A complete guide to the OpenSSH configuration file is way, way beyond this guide, but I’ll cover a few things you can do:

Port 4005# Only listen on port 4005# 4005 is just an example, this can be anything roughly between 1500 and 5000

This was discussed in part 1, so I suggest you read that. The basic lesson is that you probably shouldn’t use port 22 (the default).

ListenAddress 192.168.1.175 # Only listen on network interfaces with the IP 192.168.1.175

What this line says is to only listen on network connections where your computer’s IP is, in this case, 192.168.1.175. This is useful for a number of reasons. For example, if you have multiple network connections (such as an ethernet connection and a WiFi connection), you could tell SSH to only work on one of those connections. Also, if you were at a coffee shop or some other public WiFi, you would probably not have the same IP address that you do on your own network (depending on your network’s configuration). Basically, it’s just a generally good idea to specify what IP address SSH should listen on. Getting your IP address was also covered in part 1. The quick version is that executing ifconfig should tell you.

Protocol 2# Only allow logins using SSH 2

There are two versions of the SSH protocol. SSH 1 is old and potentially insecure. Make sure you are only allowing protocol 2 with the line above. This should really already be in your default configuration, but if it isn’t, add it.

PermitRootLogin no

Once again, this is pretty straight-forward and is probably already in your configuration. You shouldn’t usually login to root locally, so why would you let remote users login to root? You can still sudo or whatever.

AllowUsers thomas # Only allow thomas to login

This option allows you to specify which user(s) should be allowed to login via SSH. You may or may not want to add this, but if your only going to login with one account, it adds a small extra layer of security.

It is worth noting that a lot of these configurations are purely security through obscurity. Contrary to what some people say, I don’t believe there is anything wrong with that, as long as it’s not your only defense.

Getting our of your local network

Time to access your computer across the internet. I’ll warn you about the risks again:

A properly configured home router should usually pretend not to exist by giving no reply to unsolicited communications from the outside. In other words, if I try to talk to your router without your router talking to my server, you router should ignore me as if no one was there. This gives you great security, since if no one knows you are there, it’s hard to attack you. (This does not, of course, have any effect on malware spread by email, the web, chat programs, etc.) Allowing your computer to be remotely accessed over the internet cuts a hole in that anonymity. Your router will have to start replying to requests on a particular port. This is dangerous, but not too dangerous as long as your securing everything correctly. (You can test how your router is configured with GRC’s SheildsUP! tool.)

Getting a consistent IP address

The first step is to make sure that your computer always gets the same IP address. If you are using DHCP, and you probably are, then your computer will get a different IP address ever time you get on your network, usually in the range of 192.168.1.100 to 192.168.1.150 or so. You need to setup something called a static lease in which one computer, identified by a MAC address and a hostname, always gets the same IP address.

This is a completely router specific process, so I can’t help you much. Unfortunately, some routers don’t even support this feature. Usually by installing a custom firmware like DD-WRT, you can get the feature even if your router doesn’t support it. Chadwick Wachs has an excellent tutorial for setting up static leases in DD-WRT, which should help you.

From your router to your computer

Next, we need to redirect traffic from your router, which is the only place an external computer can connect to, to your computer. This feature is support by almost ever router, so don’t work. It’s fairly simple, too.

Again, this is router specific, but you can find specific instructions for many routers on PortForward.com. Remember to replace port 22 with whatever port you choose in part 1.

To your router

Don’t worry, your almost there! The final step is to find a way to track your router’s changing IP address. (Yes, that changes too.)

Without paying your ISP extra, you can’t usually get a static IP for your router. Luckily, services like DynDNS.com (a free account is plenty) will give you a free subdomain that points to your router. For example:

username.dyndns.com would point to your routers IP

In order to get the IP to update, you need to enter your DynDNS account into your router settings. Once again, this is router specific, but look for a DDNS section in your router configuration.

All done

Ok. If you’ve made it this far, congratulations! You should now be able to access your computer from any other computer on the internet (with an SSH client, of course), using this command:

Everything in this tutorial should apply to most Linux distributions, however some of the commands may be specific to Ubuntu. You may need to modify some commands to work with your Linux distribution. This is an advanced tutorial, so most instructions will be given as text commands.

A Note About Security

Allowing outside machines to access your computer is inherently risky. Assuming your router and/or firewall is properly configured, you will need to poke some holes in it. This potentially leaves you vulnerable to attack. Proceed at your own risk. Because security is a constantly changing issue, you are responsible for securing your own computer and network. You have been warned. If you are not behind a router or other physical firewall and you can’t explain why this is the case, do not proceed. I would also advise you to only try this on your home network, because your employer will probably dislike you messing with SSH, unless, of course, that’s your job.

About SSH

SSH stands for secure shell. It is a protocol that allows you to access a computer across a network. We will use OpenSSH, an implementation of SSH, since it is the default on most Linux systems.

Installing SSH

SSH is installed by default on almost every Linux distribution, however there is usually no SSH server, which is required to actually share your machine with SSH. Use your preferred package manager to install openssh-server

.sudo apt-get install openssh-server

To check if OpenSSH is running type this:

ps-e|grepssh

This command will list all running processes and then filter the list to only display processes that include “ssh”. You should see a line like this:

11032 ? 00:00:00 sshd

This means that OpenSSH is running. If you don’t see a line like that, try running this command:

sudo/etc/init.d/ssh start

(If two sshd instances are running, it may cause problems. You can usually fix this problem by issuing the command sudo killall sshd followed by sudo /etc/init.d/ssh start.)

Basic Configuration

There are two steps to configuring your SSH sever. First you must edit the OpenSSH configuration file, then you have to open a hole in your firewall. To start, open the OpenSSH configuration file, which is usually located in /etc/ssh/sshd_config, with your favorite text editor.

gksudo gedit /etc/ssh/sshd_config

Part 2 of this series will discus more configuration options. For now, most of the default configuration should be fine. The one part that you should change now is the port. Your computer has a bunch of different ports (specifically 65535 of them). Each port is like a door that other computers can knock on. For example, when you visit a website, the request goes out through port 80 and the website comes back in through port 80. The first 1024 ports are reserved for specific protocols. Port 22 happens to be reserved for SSH. It is not advisable, however, to let your SSH server listen on that port, though, because an attacker would most likely be scanning for open port 22′s. It is best to change the port option in your OpenSSH configuration to a port number greater than 1024 (and less than 65535). This makes it harder for an attacker to guess which door to knock on. If none of that makes sense, that’s OK. Just change the number after “Port” to a number between 1500 and 5000. While you might be able to use higher numbers, really high port numbers will get you in trouble. See the IANA website for more information about port numbering.

# What ports, IPs and protocols we listen for
Port 4005

Opening ports in your software firewall

Next you need to open whatever port you choose in your software firewall, if you are using one. Most Linux distributions have one installed by default, so if you don’t know, you probably are using one. Most people should probably install Firestarter, which is a GUI front end to managing IPTables.

sudoapt-get install firestarter

Open Firestarter and follow the setup wizard. Then click on the Policy tab. Select “Inbound Traffic Policy” and click in the box that has “Allow Service | Port | For” at the top. Then click on the Add Rule button. Enter the port you choose and SSH as the name. Then select “Everyone” and click Add.

Testing it out

You are now ready to test it out. Get your IP address on your local network with this command:

ifconfig

You will need to dig through the output to find your IP address. Here is the relevant piece of the output I see:

Now go to another Linux or Mac OS X computer on the same network. Technically you can use the same computer, but it’s not as good of a demo. Type this:

ssh-p<em>port number</em><em>username</em>@<em>ip address</em>

For example, I would type:

ssh-p4005 thomas@192.168.1.175

You may get a message about the server’s RSA key. This is normal and typing yes will bypass the message. Then you should get a prompt for your password. Enter your password and you will be inside your other machine.

Are you sure you want to continue connecting (yes/no)? yes Warning: Permanently added '192.168.1.175'(RSA) to the list of known hosts. thomas@192.168.1.175's password:

Wrapping up

Congratulations! SSH is up and running. Part 2 will teach you how to access your computer from another computer across the internet.

Sorry IE 6 users. You may not be able to see the pictures in this post. If you have trouble viewing the images in a modern browser, please let me know.

In the age of digital photography, almost everyone performs at least a few edits on their photos. For simple thing, programs like F-Spot or Google’s Picasa may be enough, but you may also need something more. That’s where Gimp does an excellent job, offering more tools for editing your photos. As with many applications, though, Gimp’s most powerful features come from plugins that let you do more than you could with Gimp alone. Here are three excellent Gimp plugins for photographers.

Adding vignettes

A vignette is an effect that usually makes the corners of a photo darker or lighter. When overused, it can look like a circular photo in the center with fuzzy edges, but a small vignette effectively focuses the viewer’s eyes on the subject without them even noticing. As a general rule, if you can look at a photo and tell immediately that it has a vignette on it, the vignette is too big.

Adding a vignette

You can add a vignette like this with the Vignette Script plugin. It allows you to define the area around which you would like to apply the vignette as well as customize numerous aspects of the vignette itself.

Fixing over or under exposed parts of an image

Sometimes it’s simply not possible to correctly expose all of an image. Particularly in landscapes where the sun lights parts of the picture while other parts remain in the shade, parts of the picture may be almost washed out or too dark to see. In the example below, I faked a very dark image where only the subject is properly exposed.

Fixing under exposure

The fix, of course, was a Gimp plugin. This one is called Contrast Fix. It will fix parts or all of am image that is to dark or too bright.

The finishing touch – adding a frame

Once you’ve editied your photo, you want to present it nicely. One common choice is to put a border (or frame) around the image, as in the example below:

Everything looks better in a frame.. right?

The plugin that produced the image above (or, well, the border at least) is simply called Line Border. You can adjust all the sizes and colors and position text in multiple places.

Conclusion

Hopefully some of these plugins will help you when you are next editing photos. What other Gimp plugins or external tools do you use in your photo workflow?

The fact that the current most popular OS for Netbooks is a stock install of Windows XP tells us that there is a need for a netbook OS that doesn’t suck. Windows is fine on a desktop or laptop, but it just wasn’t made to be scaled onto a 9″ screen, much less a keyboard. Jolicloud promises to be that netbook OS that really works.

First boot of Jolicloud

Upon booting Jolicloud, you’ll notice instantly that it’s basically Ubuntu with some modifications. Specifically, it’s based on Ubuntu Netbook Remix. In fact, the default login sound, which sounds quite out of place in the modern-looking Jolicloud, hasn’t even been changed.

Jolicloud keeps the launcher application and basic design of Ubuntu Netbook Remix (UNR), too. If your not familiar with UNR, this basically means three things:

The main interface

First, all of your applications are sorted into category-based tabs (like in the GNOME menu). Clicking on a tab displays a page with large icons for each application. A single click opens the application. Additionally, on the right of the screen are links to your home folder, documents folder, and so on. These folder links are not as well integrated, though, and open up an instance of Nautilus (the file browser). Continue Reading –>

Advanced backup tools that keep multiple copies of files and so on have their place, but sometimes you just need a simple scheduled sync, not a full backup. For example, I have an SD card that stays in my laptop almost all the time. On this, I keep a copy of most of my home folder that gets updated every day at 1:30 in the morning. I no longer have to think about it, it just happens. Here’s how you can do the same thing:

Install GRsync and gnome-schedule. In Ubuntu, you can install GRsync from Add/Remove programs, but gnome-schedule is only available from Synaptic.

Open GRsync and create a new session. Choose the source folder location in the first box and the target folder in the second box. Then you can configure the options below. You will almost certainly want the “delete on destination” option. I have also selected “preserve time,” “preserve permissions,” “verbose,” “show progress,” and “Windows compatibility.”

Move on to the advanced options tab. The most important part here is the “additional options” section. Here you can specify anything else you want to pass to rsync, the backend program that actually does the file transfer. The most useful argument you can supply is –exclude=”something”. For example, I have entered this:–exclude=’*.iso’ –exclude=’.VirtualBox’ –exclude=’.miro’ –exclude=”.nautilus” –exclude=”.Trash”This tells rsync to ignore any file with the extension .iso, skip the VirtualBox, Miro, and Nautilus folders, and skip the trash. If your target directory is a USB hard drive, you may not have to worry about this, but my SD card can’t fit everything, so I don’t copy some of the less important stuff.

Press “Execute” and make sure everything works.

Open Gnome Schedule (in Ubuntu, you can find it under System > Preferences > Scheduled Tasks. Click on new and create a recurring task. Enter whatever you want for a description and choose when you want to backup to run. Finally, enter this as the command:grsync -e “name of session”

That’s it!

As a bonus, if you want to be able to easily check to make sure your backup ran, create a blank text document somewhere. Then open a new black document and type this in:

#!/bin/sh
grsync -e “session name“;
touch test file location;

Save this as something.sh. Then go back in to Gnome Schedule and change the command to ./filename.sh. Remember that the command is run in the home directory, so if the script is in /home/username/files/scripts/script.sh, you have to say ./files/scripts/script.sh.

Now after every time the backup is run, the test file you created will be updated to say it was last modified at the current time.

Are you sick of drop down menus being hidden by Flash content? Flash Player 10 prerelease fixes that. Here is how you can install it: (This tutorial is for Ubuntu, however it should work on other distros.)

Visit this page. Click on “Download Plugin for Linux (TAR.GZ, 3.71 MB)” and save the file to your desktop.

Right click on the file and choose “Extract Here.”

Open up a terminal (Applications > Accessories > Terminal) and type in this code:cd Desktop